Ransomware continues to be one of the top cyber threats facing businesses, with 30% admitting to having fallen victim in the past. It is therefore critical that you have advanced protection capabilities in place to keep your business secure.
Here is a checklist put together by our dedicated cyber security New Zealand consultants to ensure that you are ransomware ready.
Stop Attacks From Getting Into and Spreading Within Your Network
Stopping ransomware from entering and spreading within your network is vital.
▢ Network Intrusion Prevention System (NIPS)
A modern, high-performance NIPS engine is a critical security component of any next-generation firewall.
▢ Lockdown Remote Desktop Protocol (RDP)
Your firewall should enable you to easily restrict access to VPN users and whitelist sanctioned IP addresses.
▢ Sandboxing Technology
Your firewall should incorporate sandboxing technology to ensure all suspicious active files coming in through web downloads and as email attachments are being suitably analysed for malicious behaviour before they get onto your network.
▢ Zone Segmentation
Your firewall should enable you to reduce lateral movement within the network by segmenting LANs into smaller, isolated zones or virtual LANs secured and connected by the firewall.
Securing Your Endpoints And Servers
Stopping ransomware from gaining a foothold on your endpoints and servers is vital
▢ Machine Learning
Your solution should be able to utilise deep learning, or other machine learning techniques, to analyse the “DNA” of files and block never-seen-before ransomware before it can execute.
▢ Anti-ransomware Technology
Your solution should secure your endpoints with technology specifically designed to detect and stop ransomware. It should be able to identify ransomware behaviour by blocking malicious encryption that attempts to make unauthorised changes to your data.
▢ Web Security and Malicious Traffic Detection
Your solution should search for malicious code and block access to exploit landing pages.
▢ Device Control
Your endpoint solution should be capable of restricting and inspecting removable media access such as USB keys to eliminate the risk of infected media.
▢ Managed Detection and Response (MDR)
Your solution provider should be able to complement your endpoint solution with a 24/7 monitoring and response service. MDR services hunt for and investigate suspicious activity and potential indicators of compromise that might expose your business to ransomware attacks.
Stop Phishing Emails
Phishing emails are one of the most common attack vectors for ransomware. Make sure your users are prepared:
▢ Simulated Phishing Attacks
Tests the preparedness of your business against targeted phishing campaigns. Identify how many users failed, how susceptible they are to phishing attacks.
▢ Security Awareness Training
Educate, train and raise awareness amongst your users.